Many switches available today give network administrators the ability to disable or block physical ports. Disabling or turning off a port generally means blocking all network communications on that port. This is done to protect the network from service interruptions caused by unwanted data traffic arriving on those ports as a result of security or policy violations. These violations may include virus attacks, excessive ping requests, an excessive number of incoming packets with an Internet Protocol (IP) address not associated with the particular port's subnet, Address Resolution Protocol (ARP) data units destined for another switching or routing device, and protocol data units (PDUs) that exceed bandwidth restrictions or other network thresholds.
These disabled ports, however, are not disabled permanently. If the violations or the criteria guiding the disabling of these ports are corrected or no longer exist, these ports are enabled and used for network ingress and egress traffic.
To enable these disabled ports, however, a network administrator has to identify the port identification number of each disabled port, as well as the particular switching/routing device to which each of these ports belongs. Furthermore, the administrator has to manually issue a set of commands to the switching/routing device to enable these ports. This process is very cumbersome, labor-intensive, and time-consuming, particularly when the administrator is managing a large network.
There is therefore a need for a mechanism that obviates the need to manually enable ports and thereby unburdens the administrator. The present invention addresses this need.